Even tho’ the apps are sharing the same Database, each app uses a different auth table
I can’t login two both these apps at the same time WITH CHROME – somehow the first applications cookie (with domain abc.pdq.com) collides with the second applications cookie (for xyz.pdq.com)
If I login to abc.pdq.com using the first app – then my session cookie for the second app is then invalidated and I have to re-login on the second app – which invalidates the cookie on the first app (etc., etc.)
Does anyone know what CHROME’s problem is?
Each session cookie specifies the full [host].[domain].[tld]
authModelAccessor: 'validatePhone',
// A map of what dbAuth calls a field to what your database calls it.
// `id` is whatever column you use to uniquely identify a user (probably
// something like `id` or `userId` or even `email`)
authFields: {
id: 'id',
salt: 'salt',
username: 'phone',
hashedPassword: 'hashedPassword',
resetToken: 'resetToken',
resetTokenExpiresAt: 'resetTokenExpiresAt',
},
and
authModelAccessor: 'user',
// A map of what dbAuth calls a field to what your database calls it.
// `id` is whatever column you use to uniquely identify a user (probably
// something like `id` or `userId` or even `email`)
authFields: {
id: 'id',
username: 'email',
hashedPassword: 'hashedPassword',
salt: 'salt',
resetToken: 'resetToken',
resetTokenExpiresAt: 'resetTokenExpiresAt',
},
Yeah in dev since the host is always just localhost the cookies will override each other since they have the same name session.
One way around this would be to use an incognito window for one domain and a regular window for the other. Then you could be logged in to both without overwriting each other’s cookies.
I suppose we could let you customize the name of the cookie if you wanted, so that you could give each app a unique name and their cookies wouldn’t collide…hmmm…
Oddly I do not have the same problem in FF or Safari – so I could also: just not put both in chrome – I’ve been running one or the other in a different browser